
Nikto Result Interpretation

Dear friends,

I'm new here and I'm not sure if my question might seem so dumb to you, so excuse me if it's not the right place to ask it.
I used Nikto on a site (not mine). I've pasted some lines here:
////////////////////////////////////

+ OSVDB-0: GET /scripts/samples/details.idc : See RFP 9901; www.wiretrip.net
+ OSVDB-396: GET /_vti_bin/shtml.exe : Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
+ OSVDB-0: GET /cgi-perl/handler.cgi : Variation of Irix Handler? Has been seen from other CGI scanners.
+ OSVDB-0: GET /cgi-perl/finger.pl : finger other users, may be other commands?
+ OSVDB-0: GET /cgi-perl/get32.exe : This can allow attackers to execute arbitrary commands remotely.
+ OSVDB-0: GET /cgi-perl/gm-authors.cgi : GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See http://www.attrition.org/~jericho/wo...reymatter.html for more info.
+ OSVDB-0: GET /cgi-perl/photo/protected/manage.cgi : My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ OSVDB-0: GET /cgi-perl/wrap.cgi : possible variation: comes with IRIX 6.2; allows to view directories
+ OSVDB-0: GET /forums/@ADMINconfig.php : PHP Config file may contain database IDs and passwords.
///////////////////////////////////